Security monitor inlining and certification for multithreaded Java

Security monitor inlining is a technique for security policy enforcement whereby monitor functionality is injected into application code in the style of aspect-oriented programming. The intention is that the injected code enforces compliance with the policy (security), and otherwise interferes with the application as little as possible (conservativity and transparency). Such inliners are said to be correct. For sequential Java-like languages, inlining is well understood, and several provably correct inliners have been proposed. For multithreaded Java one difficulty is the need to maintain a shared monitor state. We show that this problem introduces fundamental limitations in the type of security policies that can be correctly enforced by inlining. A class of race-free policies is identified that precisely characterizes the inlineable policies by showing that inlining of a policy outside this class is either not secure or not transparent, and by exhibiting a concrete inliner for policies inside the class which is secure, conservative and transparent. The inliner is implemented for Java and applied to a number of practical application security policies. Finally, we discuss how certification in the style of proof-carrying code could be supported for inlined programs by using annotations to reduce a potentially complex verification problem for multithreaded Java bytecode to sequential verification of just the inlined code snippets.

Download Full-text

Formal and Automatic Security Policy Enforcement on Android Applications by Rewriting1

10.3233/faia210011 ◽

2021 ◽

Author(s):

Marwa Ziadia ◽

Mohamed Mejri ◽

Jaouhar Fattahi

Keyword(s):

Formal Methods ◽

Security Policy ◽

Security Policies ◽

Policy Enforcement ◽

Android Application ◽

System Specification ◽

Policy Specification ◽

Android Applications

With the wide variety of applications offered by Android, this system has been able to dominate the smartphone market. These applications provide all kinds of features and services that have become highly requested and welcomed by users. Besides, these applications represent risky vehicles for malware on Android devices. In this paper, we propose a novel formal technique to enforce the security of Android applications. We start off with an untrusted Android application and a security policy, and we end up in a new version of the application that behaves according to the policy. To ensure the correctness of results, we use formal methods in each step of the process, either in the system and the security policy specification or in the enforcement technique itself. The target application is reverse-engineered to its assembly-like code, Smali. An executable semantics called k-Smali was defined for this code using a language definitional framework, called k Framework. Security policies are specified in LTL-logic. The enforcement step consists of integrating the LTL formula in the k-Smali program using rewriting. It aims to rewrite the system specification automatically so that it satisfies the requested formula.

Download Full-text

Security Policy Enforcement in the OSGi Framework Using Aspect-Oriented Programming

2008 32nd Annual IEEE International Computer Software and Applications Conference ◽

10.1109/compsac.2008.149 ◽

2008 ◽

Cited By ~ 9

Author(s):

Phu H. Phung ◽

David Sands

Keyword(s):

Security Policy ◽

Policy Enforcement ◽

Aspect Oriented Programming ◽

Osgi Framework

Download Full-text

RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments

Sensors ◽

10.3390/s20102960 ◽

2020 ◽

Vol 20 (10) ◽

pp. 2960 ◽

Cited By ~ 1

Author(s):

Christina Michailidou ◽

Vasileios Gkioulos ◽

Andrii Shalaginov ◽

Athanasios Rizos ◽

Andrea Saracino

Keyword(s):

Access Control ◽

Security Policy ◽

Dynamic Networks ◽

Multicriteria Decision Making ◽

Security Policies ◽

Policy Enforcement ◽

Role Based Access Control ◽

Monitoring And Control ◽

Attribute Based Access Control ◽

Present Response

The enforcement of fine-grained access control policies in constrained dynamic networks can become a challenging task. The inherit constraints present in those networks, which result from the limitations of the edge devices in terms of power, computational capacity and storage, require an effective and efficient access control mechanism to be in place to provide suitable monitoring and control of actions and regulate the access over the resources. In this article, we present RESPOnSE, a framework for the specification and enforcement of security policies within such environments, where the computational burden is transferred to high-tier nodes, while low-tier nodes apply risk-aware policy enforcement. RESPOnSE builds on a combination of two widely used access control models, Attribute-Based Access Control and Role-Based Access Control, exploiting the benefits each one provides. Moreover, the proposed mechanism is founded on a compensatory multicriteria decision-making algorithm, based on the calculation of the Euclidean distance between the run-time values of the attributes present in the security policy and their ideal values, as those are specified within the established policy rules.

Download Full-text

Trust in Security-Policy Enforcement Mechanisms

10.21236/ada444727 ◽

2006 ◽

Author(s):

Fred B. Schneider ◽

Greg Morrisett

Keyword(s):

Security Policy ◽

Policy Enforcement ◽

Enforcement Mechanisms

Download Full-text

Poster: Shielding AppSPEAR - Enhancing Memory Safety for Trusted Application-level Security Policy Enforcement

Proceedings of the 26th ACM Symposium on Access Control Models and Technologies ◽

10.1145/3450569.3464396 ◽

2021 ◽

Author(s):

Marius Schlegel

Keyword(s):

Security Policy ◽

Policy Enforcement ◽

Memory Safety

Download Full-text

DIOXIN: runtime security policy enforcement of fog applications

International Journal of Grid and Utility Computing ◽

10.1504/ijguc.2021.114821 ◽

2021 ◽

Vol 12 (2) ◽

pp. 126

Author(s):

Enrico Russo ◽

Luca Verderame ◽

Alessandro Armando ◽

Alessio Merlo

Keyword(s):

Security Policy ◽

Policy Enforcement

Download Full-text

ABE for Vehicular Network Security Policy Enforcement

Attribute-Based Encryption and Access Control ◽

10.1201/9781351210607-12 ◽

2020 ◽

pp. 249-265

Author(s):

Dijiang Huang ◽

Qiuxiang Dong ◽

Yan Zhu

Keyword(s):

Network Security ◽

Security Policy ◽

Vehicular Network ◽

Policy Enforcement

Download Full-text

Enterprise Network Packet Filtering for Mobile Cryptographic Identities

International Journal of Handheld Computing Research ◽

10.4018/jhcr.2010090905 ◽

2010 ◽

Vol 1 (1) ◽

pp. 79-94 ◽

Cited By ~ 1

Author(s):

Janne Lindqvist ◽

Essi Vehmersalo ◽

Miika Komu ◽

Jukka Manner

Keyword(s):

Network Security ◽

Security Policy ◽

Data Transfer ◽

The Internet ◽

Policy Enforcement ◽

Enterprise Network ◽

Packet Filtering ◽

Enterprise Network Security ◽

Host Identity ◽

Mobile Clients

Firewalls are an essential component of the Internet and enterprise network security policy enforcement today. The configurations of enterprise firewalls are typically rather static. Even if client’s IP addresses can be dynamically added to the packet filtering rules, the services allowed through the firewall are commonly still fixed. In this paper, we present a transparent firewall configuration solution based on mobile cryptographic identifiers of Host Identity Protocol (HIP). HIP allows a client to protect the data transfer with IPsec ESP, and supports dynamic address changes for mobile clients. The HIP-based firewall learns the identity of a client when it communicates with the server over HIP. The firewall configures the necessary rules based on HIP control messages passing through the firewall. The solution is secure and flexible, and introduces only minimal latency to the initial HIP connection establishment.

Download Full-text

An Android runtime security policy enforcement framework

Personal and Ubiquitous Computing ◽

10.1007/s00779-011-0437-6 ◽

2011 ◽

Vol 16 (6) ◽

pp. 631-641 ◽

Cited By ~ 13

Author(s):

Hammad Banuri ◽

Masoom Alam ◽

Shahryar Khan ◽

Jawad Manzoor ◽

Bahar Ali ◽

...

Keyword(s):

Security Policy ◽

Policy Enforcement

Download Full-text

Impact of Deterrence and Inertia on Information Security Policy Changes

Journal of Information Systems ◽

10.2308/isys-52400 ◽

2019 ◽

Vol 34 (1) ◽

pp. 123-134

Author(s):

Kalana Malimage ◽

Nirmalee Raddatz ◽

Brad S. Trinkle ◽

Robert E. Crossler ◽

Rebecca Baaske

Keyword(s):

Information Security ◽

Security Policy ◽

Online Survey ◽

Security Policies ◽

Security Measures ◽

Policy Changes ◽

Information Security Policy ◽

Improve Compliance ◽

The Impact

ABSTRACT This study examines the impact of deterrence and inertia on information security policy changes. Corporations recognize the need to prioritize information security, which sometimes involves designing and implementing new security measures or policies. Using an online survey, we investigate the effect of deterrent sanctions and inertia on respondents' intentions to comply with modifications to company information security policies. We find that certainty and celerity associated with deterrent sanctions increase compliance intentions, while inertia decreases respondents' compliance intentions related to modified information security policies. Therefore, organizations must work to overcome employees' reluctance to change in order to improve compliance with security policy modifications. They may also consider implementing certain and timely sanctions for noncompliance.

Download Full-text